Thursday, December 22, 2011

Your eye is precious, one of the causes for eye problem such as eye floaters are caused by using computer for a prolong period without taking any break.

Learn to take frequently break when using computer, you don't need to constantly stare to the monitor screen . In addition, if you office have windows try to look at the out side view. This will help reduce your eye strain.

Other things that your could are by setting up your computer screen text and fonts bigger.

a) Make your web browser text and page content bigger.

You don't have to squint your eyes to 10 pixel text, make it bigger . For Google Chrome, to make the page content do this.

Click Spanar icon, located at the top right of the browser.

Click Option

Click Under The Hood

Go to the Web Content section, make Font Size larger and also the Page Zoom higher.

For Internet Explorer 8, the steps are as follows :

Click View

Set the Zoom and Text Size Bigger

b) In addition, you could as well make your Window icons and texts to be bigger. This is for Window Xp

The steps are as follows :

Go to your desktop. Right click your mouse.

Click Properties

Click Appearance Tab.

Set Font Size as Large Font or Extra Large Font

Now, it is better for your eyes.

c) For other computer programs, check whether they have functions to make the text and icons bigger.

For Adobe Dreamweaver, you could make the computer code to look bigger. The steps are as follows.

Thursday, November 10, 2011

When developing website or ecommerce solution, important aspect of the design is the database security. The database needs to be protected from any security loopholes. If you’re using MySQL, one way to protect your db is by using MySQL access privileges system. You create specific user type for different user activity.

For example, if you developing website where user can register and add content inside your website. You might have three type of users:

Public : general user who might just select and browse through your site.

Registered : User who can add content to your site.

Admin : User who manage your users and content. Ban the users and some other admin function.

Based on the user types , you create separate MySQL user accounts with the following permission.

Public : SELECT

Customer : SELECT, INSERT, UPDATE

Admin : SELECT, INSERT, UPDATE, DELETE

You could write your configuration file as follow:

DEFINE(‘DB_HOST’,’localhost’);

DEFINE(‘DB_NAME’,’databasename’);

If (isset($user) && ($user==’Admin’)) {

DEFINE(‘DB_USERNAME’,’usernameA’);

DEFINE(‘DB_PASSWORD’,’passwordA’);

}

elseif (isset($user) && ($user==’Customer’)) {

DEFINE(‘DB_USERNAME’,’usernameB’);

DEFINE(‘DB_PASSWORD’,’passwordB’);

}

else {

DEFINE(‘DB_USERNAME’,’usernameC’);

DEFINE(‘DB_PASSWORD’,’passwordC’);

}

Keep the connection file outside of your web root, in a private folder. This prevents outsider’s access to site. If you don’t have a private folder, then protect the file by using .htaccess

Try not to provide the following permissions to users who connect from website. If you got hacked, you will give lots of fire power to the hacker to do the damage.

PROCESS, FILE, SHUTDOWN, DROP, CREATE and ALTER.

By limiting the users’ permission you can protect your site from any harm. Even if you site has been hacked, the damage could be limited.

Monday, July 25, 2011

Hope this email finds you well! We'd like to ask if you could please spend a few minutes of your time on this very important community announcement.

Yesterday evening on Friday (22nd July), we discovered an illegal and unauthorised intrusion into our network, which was the latest in a series of hacking incidents by a group of individuals who also claim to have targeted Streamyx, CIMB, TV3 and the several other local websites previously. In our case, the hackers claimed to have downloaded a portion of our blogger account information and published the emails of some 30,000 Nuffnang accounts.

The breach has since been fixed, and we’d like to address a few key concerns that you may have.

1. Your password is safe.

As part of the existing security measures, all user passwords in our database have always been protected with one-way encryption. Nevertheless, we still encourage you to change your password (especially if you use the same password for other sites) as a precautionary measure in case the hackers are able to get past the encryption.

2. Blog earnings and payment records are not affected.

Current earnings and payment history for all users are safe and were not compromised in any way.

3. Loading of blogs serving Nuffnang ads is not affected.

At 1.00 am last night, our Tech team took down the website for maintenance and for a few hours, ads were not served. This morning though, everything is up and running again and back to normal. All blogs serving Nuffnang ads loaded as usual and were not affected by the breach.

This security lapse is an isolated incident, as the security of our sites has always been and always will be our utmost priority. It has however opened our eyes on some vulnerabilities we had on our website. In response to that, we will be taking measures to further heighten the security of the Nuffnang framework because from what we understand, that was after all the motivation of the hackers – not to cause any permanent damage, but to highlight vulnerabilities in a system.

To the Nuffnangers who made many attempts to alert us once word got out that the Nuffnang site was hacked, we cannot begin to thank you enough.

To the wonderful Nuffnang community, thank you for standing by us in this time of crisis. Your patience and support is something we are thankful for and will never take for granted. We apologize for any inconvenience caused, and for not being able to prevent this breach. We have put dedicated staff to work on this matter, therefore to address any concerns or questions you may have about this incident, please write in to us at security [at ] nuffnang [dot ] com

The minimum cost that the system allows you to set in the ad campaign is USD 0.02 for CPM and USD 0.01 forCPC. The system will suggest the bid amount, but you could set it lower. For my campaign, I put USD 0.02 the minimum amount for 1000 impressions and still manage to run my campaign as I want.

If you want to create awareness for your new portal, product or service but you don’t care whether the people actually click the advertisement than you should choose Pay per impression pricing for your campaign. Or else use CPC pricing for your campaign.

The minimum daily budget for CPC and CPM is USD 1.00 and Facebook advertising will not charge you more than the minimum budget you have set. In addition, your daily budget must be 2 times the CPC or CPM amount that you set. If you set 10 USD for the CPC, then your minimum daily budget must be set as 20 USD.

Facebook will charge your Paypal or credit card for the campaign on a specific billable date or earlier if you have stopped/completed your campaign.

5.1.1 The system response time must be less than 10 seconds for both OMBS-GI and OMBS-MMI.

5.1.2 The system must process the number of transaction based on the following calculation method.

5.2 Reliability Requirement

5.2.1 OMBS system shall have a minimum uptime of 99 % excluding time pre-scheduled for maintenance and/or upgrades.

5.3 Safety Requirements

5.3.1 All system data must be backed up every 24 hours and the backup copies stored in another server at different building or location for disaster recovery.

5.4 Security Requirements

5.4.1 All access permission for the system data may only be changed by the system's administrator.

5.4.2 All communication between OMBS-MMI server data with client shall be encrypted by using Secure Socket Layer (SSL) technology.

5.4.3 Transaction between client and server for Guest Interface (OMBS-GI), only applicable for account creation, purchase movie and purchase history functions shall be done using Secure Socket Layer (SSL) technology to encrypt the data.

5.5 Design Constraint

5.5.1 The OMBS shall be web based system that run on different type of browser such as Internet Explorer, Mozilla and Google Chrome. The system shall be developed using Java, Javascript, Ajax and Php programming languages. The system shall run using Apache Server and MySql Database Server.

5.6 Software Quality Attributes

The source codes for the system is well documented for ease of maintenance and upgrading the system in future.

Please note : OUM Students don't copy this SRS document, I have submitted this paper for September 2010 assignment paper on software requirements

3. System Requirements

This section contains all the software requirements at a very detail level, combined with the use case diagram, use case description and the sequence diagram will enable software engineers to design the OMBS according to end users requirements, and test engineers to test the system.

For the use case diagrams and the descriptions,please refer to Appendix A.

For the sequence diagrams, please refer to Appendix B.

3.1 Functional Requirements

Functional requirements define the fundamental actions that system must perform. ABC Sdn Bhd (ABC) online movie booking system (OMBS) could be divide into two interface that works together seamlessly.

The first interface is only accessible to the customers and visitors called Guest Interface (OMBS-GI) . And the second interface is only accessible by ABC staff called Movie Management Interface(OMBS-MMI)

Guest Interface (OMBS-GI) Functional Requirements

Guest Interface (OMBS-GI) will have the following functional requirements. Accessible via ABC main website portal.

3.1.1. View Movie Details.

3.1.1.1. The system shall enable customer or visitor to view list of movies showcased at each venue by date and time.

3.1.2. Search Movie

3.1.2.1. The system shall have search function. Customer or visitor can search movies based on movie name, date, time and venue

3.1.3. Create Account

3.1.3.1. The system shall function to create account. The system shall record all the following data from the customer, except for the optional fields, all other data is mandatory.

3.1.3.2. The system shall send activation link via email to customer to activate the account.

3.1.4. Customer Login

3.1.4.1. The system shall have customer login function. Once activated, customer can login using username and password.

3.1.4.2. The system shall have username and password recovery function. The system shall ask Security Questions that customer entered during registration. If the customer enters correct Security Answer, the system shall email username and password to the customer.

3.1.5. Purchase Movie

3.1.5.1. The system shall enable customer to purchase the movie ticket from Guest Interface (OMBS-GI).

3.1.5.2. The system shall display list of movies showcased at each venue.

3.1.5.3. The system shall display for each movie at the venue the following details

a) Date

b) Time

c) Price

3.1.5.4. The system shall have Book Now button. When the Book Now is pressed, the system shall prompt customer to login or register account.

3.1.5.5. The system shall allow customer who have login only to continue to purchase the ticket. If customer haven't login, prompt customer to login or create an account. Then only customer can continue.

3.1.5.6. Once login, the system shall record the following details in (Booking Screen).

a) Number of adults

b) Number of children

c) Date

d) Time

3.1.5.7. The system shall have Next button and Cancel button.

3.1.5.8. The system shall display the seating position (Seating Screen) still available for the movie based on time and date.

3.1.5.9. The system shall record the seatings selected by the customer.

3.1.5.10. The system shall have lock function. OMBS will prevent customers or counter clerk from booking the same ticket based first come first serve policy. Whoever, books the seat number first, the system shall hold the ticket for 10 minutes for them to completed the purchasing process. If not the system shall release back the ticket for anyone to purchase.

3.1.5.11. The system shall have Next button, Back button and Cancel button.

3.1.5.12. The system shall display (Review Screen) with all the following details.

a) Customer details, such as First Name, Last Name, Address, Telephone and etc.

b) Booking details, such as No of Adults, No of Children, Date, Time & Seating Numbers

c) The system shall provide discount for ABC Priority Card holder if applicable. ABC Priority Card holder number is validate to ensure the membership is still active.

d) The system shall calculate the service charges and the government tax charges.

e) The total price to be paid.

3.1.5.13. The system shall have Back button, Check Out button and Cancel button.

3.1.5.14. Once customer click the Check Out button, the system shall redirect the customer to Paypal to make the payment.

3.1.5.15. The customer shall confirm the payment details and Click the Pay Now button to purchase the movie tickets.

3.1.5.16. The system shall display thank you (Thank You Screen) message for the purchase.

3.1.5.17. The system shall also send an email notification to the customer about the purchase. Confirmation number is stated in email notification. Customer need to provide the confirmation number to the counter clerk to get the movie ticket at the branch.

3.1.5.18. If the customer cancels the payment in Paypal, the system shall display the booking details back (Review Screen).

3.1.6. Purchase History

3.1.6.1. The system shall allow only customer who have login to access this record

3.1.6.2. The system shall have list of purchased movie details made by the customer.

3.1.8.1. The system shall allow system administrator only to access this module. System administrator shall login first to access this module.

3.1.8.2. The system shall allow the system administrator to add staff , update staff and delete staff .

3.1.8.3. The system shall record all the following details, except the optional fields.

a) Staff Username

b) Password

c) Account Type, determines which modules accessible to staff.

d) First Name

e) Last Name

f) Street Address 1,

g) Street Address 2, (Optional)

h) Zip Code,

i) City/Town

j) State

k) Country

l) Telephone Number

m) Fax Number (Optional)

n) Branch / Headoffice Location

3.1.8.4. System administrator will email to the staff username and password to access the system.

3.1.8.5. The system shall provide permission to the modules for each staff based on Account Type and Branch / Head Office Location.

3.1.8.6. The system shall have search function.

3.1.9. Reservation Module

3.1.9.1. The system shall allow counter clerk, branch manager and branch supervisor of the cinema branch to access the module. They shall to login first to access this module.

3.1.9.2. The system shall limit the access to branch level only.

3.1.9.3. The system shall display list of movies showcased at the branch.

3.1.9.4. The system shall allow the counter clerk to select the movie based the following criteria.

a) Date

b) Time

3.1.9.5. The system shall record the following details from the customer

a) Number of adult

b) Number of children

3.1.9.6. The system shall display the Seating Screen for customer to select their seat location

3.1.9.7. The system shall allow the counter clerk to book the seats for the customer.

3.1.9.8. The system shall have lock function. OMBS will prevent customers or counter clerk from booking the same ticket based on first come first serve policy. Whoever, books the seat number first, the system shall hold the ticket for 10 minutes for them to completed the purchasing process. If not the system shall release back the ticket for anyone to purchase.

3.1.9.9. The system shall display the total amount to be paid.

3.1.9.10. The system shall allow the counter clerk to print the movie ticket.

3.1.10. Ticket Module. For customer who bought the ticket on-line, they need to get the movie ticket from the branch. To get the movie ticket they need to provide the confirmation number that was generate when they book the ticket online.

3.1.10.1. The system shall allow counter clerk, branch manager and branch supervisor of the cinema branch to access the module. They shall to login first to access the module.

3.1.10.2. The system shall limit the access to branch level only.

3.1.10.3. The system shall allow counter clerk to search the movie reservation by using the confirmation number.

3.1.10.4. The system shall allow the counter clerk to print movie ticket for valid confirmation number.

3.1.10.5. The system shall report invalid confirmation number.

3.1.11. Membership Module. This module is used to register ABC priority card holder.

3.1.11.1. The system shall allow counter clerk, branch manager and branch supervisor of the cinema branch to access the module. They shall to login first to access this module.

3.1.11.2. The system shall limit the access to branch level only.

3.1.11.3. The system shall allow counter clerk to add member, update member and delete member.

3.1.11.4. The system shall record the following data for the customer.

3.1.13.5. The system shall have the flexibility to create pricing table based on the following pricing parameter.

a) Weekday pricing

b) Weekend pricing

c) Public Holiday pricing

d) Based on Adult or children.

e) Eligible discount for ABC priority card holder.

3.1.14. Availability module

3.1.14.1. The system shall allow branch manager and branch supervisor of the branch only to access this module. Branch manager or branch supervisor shall login first to access this module.

3.1.14.2. The system shall limit the access to branch level only.

3.1.14.3. The system shall allow the branch manager or supervisor to add availability, update availability and delete availability.

3.1.14.4. The system shall allow each branch to manage the availability of the movie showcased at their cinema. The branch manager or supervisor can make the movie available or not available at their branch.

3.1.14.5. The system shall make the movie available with the following steps

a) Add the new movie.

b) Select the pricing table.

c) Enter the Start Date

d) Enter the End Date

e) Select the halls involved.

f) Select the time slot for the movie.

g) Enter how many hour or day the system shall stop selling the movie ticket via Guest Interface (OMBS-GI) system

3.1.14.6. The system shall allow many availability for each movie. This allow different hall and time slot to be selected.

3.1.14.7. The system shall not have date overlapping between the movie availabilities.

3.1.14.8. The system shall display the movie details at Guest Interface (OMBS-GI) when it is made available. The system shall display the following details for each movie

a) Movie Title

b) Movie Summary

c) Movie Description

d) Movie Duration

e) Movie Cast List

f) Movie Director

g) Movie Photos

h) Time Slot

i) Plus, the capability to book the movie ticket online.

3.1.14.9. The system shall allow the branch manager or supervisor to delete availability based on date and time for unforeseen reason.

3.1.14.10. The system shall generate list of customer that ABC need to refund for customer who have already purchased the ticket online, to be handled by ABC Credit Unit. Customer who bought the ticket from the counter can get the refund from the counter clerk.

3.1.15. Branch Module

3.1.15.1. The system shall allow system administrator only to access this module. System administrator shall login first to access this module.

3.1.15.2. The system shall allow system administrator to add branch and update branch.

3.1.15.3. The system shall record the following details for each branch

a) Branch Overview

b) Branch Description

c) Branch Address & Contact Details

d) Branch Location Map

e) Branch Photos

3.1.15.4. The system shall not have delete function to remove the branch details. This is to prevent accidental error by the system administrator. The system shall only allow to make the branch details to be publish or not publish.

3.1.15.5. The system shall allow system administrator to add hall and update hall for each branch.

3.1.15.6. The system shall not have delete function to remove the hall details. This is to prevent accidental error by the system administrator. The system shall only allow to make the hall details to be publish or not publish.

3.1.15.7. The system shall allow to set the seating configuration of each hall in the branch.

a) The system shall record the number of rows in the hall.

b) The system shall record the number of columns in the hall.

3.1.16. Report Module.

3.1.16.1. The system shall generate report based account types.

3.1.16.2. The system shall generate the following reports for each branch manager or branch supervisor. Branch manager or branch supervisor shall login first to access the reports. Report generated for the respective branch only.

a) Branch Sales Report

b) Branch Occupancy Report

3.1.16.3. The system shall generate the following reports for head office personnels. Head office personnel shall login first to access the reports. Report based on each branch or summarization of the total ABC branches.

a) Head Office Sales Report

b) Head Office Occupancy Report

3.1.16.4. The system shall generate the following report for ABC Credit Unit. This report is used to refund customers back for cancellation of show by branch. Applicable only to customer who purchased the ticket online via Guest Interface (OMBS-GI).